A processor-based system, alternatively termed a platform herein, using a processor such as an Intel® Pentium 4 processor may be a personal computer, server computer, workstation, personal desktop assistant (PDA), game system, set top box, or smart mobile phone, among others. In many such systems, an operating system such as Linux or a Microsoft Windows™ operating system is used to manage and provide access to the system's resources and to allow other programs to access those resources and use the system. It may be necessary to provide an application or service that uses the system with a level of trust in the operating system. One known method of establishing such a level of trust is for the application or service to measure the operating system in one of many known ways, for example by obtaining an MD5 checksum of the text of the operating system kernel in memory, and to compare the value obtained by measuring the operating system to an expected value. An ideal measuring method would generally need to be aware of the organization of the OS and its layout in memory to be most accurate. The same general principle may be applied to establishing trust in any program or component of a program, such as a driver or kernel module of the operating system.
In order to prevent vulnerabilities or an existing corruption of an operating system from affecting the measurement, a measuring agent outside the operating system may be preferred. An issue when measuring an operating system and storing the data for later use by an application or agent seeking to establish a trust level in the OS is the security of the stored measurement itself: if a malicious hardware agent or software agent is able to modify the measurement while or after it is made, it may corrupt the trust establishment process.
Virtualization is a technique that enables a processor-based host machine with support for virtualization in hardware and software, or in some cases in software only, to present an abstraction of the host, such that the underlying hardware of the host machine appears as one or more independently operating virtual machines. Each virtual machine may therefore function as a self-contained platform. Often, virtualization technology is used to allow multiple programs, termed guests, such as operating systems and/or other guest software, to coexist and execute apparently simultaneously and apparently independently on multiple virtual machines while actually physically executing on the same hardware platform. A virtual machine may mimic the hardware of the host machine or alternatively present a different hardware abstraction altogether.
Virtualization systems provide guest software operating in a virtual machine with a set of resources (e.g., processors, memory, IO devices) and may map some or all of the components of a physical host machine into the virtual machine, or create fully virtual components. The virtualization system may thus be said to provide a virtual bare machine interface to guest software.
More generally, systems may provide the ability for different programs to execute in isolated regions of memory, with limited or no access to the memory in which data or code related to other programs resides. While such partitioned systems are provided by virtualization, other simpler forms of partitioned systems exist. For one example, a separate system management mode may exist in which a set of system management programs and data may operate in space that is inaccessible to the operating system or other programs of the system. Other forms of partitioned systems are known in the art.
Security enhanced hardware platforms are known in the art. A platform feature related to security and to this application is the ability to store data in a trusted platform module. A trusted platform module may be used to provide attestation and sealed storage for data in security related applications. Thus, an agent may retrieve data from a TPM that is attested, thus establishing the identity of the platform to the agent. Furthermore, a TPM generally tracks all changes to the data and therefore may be queried to ensure that no tampering has taken place between the time data was stored in the TPM and the time at which it was requested by an agent.
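As an added illustration, not part of this application, of the measurement and tamper-evident storage described above: a measuring agent digests a constructed stand-in for the kernel text and records the result in a model of a TPM register that can only be extended, never overwritten, so that an agent consulting the register detects both a modified kernel and a later attempt to paper over the bad measurement. The function and class names, the constructed KERNEL_TEXT bytes, and the use of SHA-256 in place of the MD5 checksum named above are assumptions of this example.

```python
import hashlib

HASH = hashlib.sha256                    # assumption: SHA-256 instead of the MD5 named above
PCR_RESET = bytes(HASH().digest_size)    # a register starts out as all-zero bytes

# Constructed stand-in for the kernel text an out-of-OS measuring agent would read
KERNEL_TEXT = b"\x55\x48\x89\xe5" + b"\x90" * 60 + b"\x5d\xc3"


def measure(region: bytes) -> bytes:
    """Measurement of a code region: a digest of its bytes as found in memory."""
    return HASH(region).digest()


class Pcr:
    """Model of a TPM platform configuration register. It can only be extended
    (new = H(old || digest)), so every measurement recorded leaves a permanent trace."""

    def __init__(self) -> None:
        self.value = PCR_RESET
        self.log = []                    # event log mirroring each extend, in order

    def extend(self, digest: bytes) -> bytes:
        self.value = HASH(self.value + digest).digest()
        self.log.append(digest)
        return self.value


def expected_pcr(digests) -> bytes:
    """Replay a sequence of measurements from the reset state."""
    value = PCR_RESET
    for digest in digests:
        value = HASH(value + digest).digest()
    return value


def os_is_trusted(pcr: Pcr, golden_measurement: bytes) -> bool:
    """An agent accepts the OS only if the log replays to the register value and
    that value is what a single measurement of the expected kernel text yields."""
    return (expected_pcr(pcr.log) == pcr.value
            and pcr.value == expected_pcr([golden_measurement]))


def demo() -> dict:
    golden = measure(KERNEL_TEXT)
    clean = Pcr()
    clean.extend(golden)
    patched = bytearray(KERNEL_TEXT)
    patched[10] ^= 0xFF                  # a one-byte change to the kernel text
    bad = Pcr()
    bad.extend(measure(bytes(patched)))
    bad.extend(golden)                   # extending the golden digest afterwards cannot hide the earlier record
    return {"clean": os_is_trusted(clean, golden), "tampered": os_is_trusted(bad, golden)}
```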
Other secure platform features may include the ability to protect system memory, or portions thereof, from direct access bypassing a processor, and the ability to set read, write or execute restrictions on regions of system memory.